video 16

2024-10-24 13:29:49 +02:00 · 2024-10-24 13:29:49 +02:00 · d0b1d9b775
commit d0b1d9b775
parent c6d1b9a2ad
4 changed files with 114 additions and 2 deletions
--- a/flake.lock
+++ b/flake.lock
@ -21,6 +21,27 @@
        "type": "github"
      }
    },
+    "colmena": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs_2",
+        "stable": "stable"
+      },
+      "locked": {
+        "lastModified": 1728263678,
+        "narHash": "sha256-gyUVsPAWY9AgVKjrNPoowrIr5BvK4gI0UkDXvv8iSxA=",
+        "owner": "zhaofengli",
+        "repo": "colmena",
+        "rev": "b0a62f234fae02a006123e661ff70e62af16106b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "zhaofengli",
+        "repo": "colmena",
+        "type": "github"
+      }
+    },
    "darwin": {
      "inputs": {
        "nixpkgs": [
@ -79,6 +100,37 @@
        "url": "https://code.m3tam3re.com/m3tam3re/dotfiles-flake-demo.git"
      }
    },
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1650374568,
+        "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "b4a34015c698c7793d592d66adbab377907a2be8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
+    "flake-utils": {
+      "locked": {
+        "lastModified": 1659877975,
+        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
@ -153,6 +205,22 @@
      }
    },
    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1725103162,
+        "narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_3": {
      "locked": {
        "lastModified": 1726463316,
        "narHash": "sha256-gI9kkaH0ZjakJOKrdjaI/VbaMEo9qBbSUl93DnU7f4c=",
@ -171,13 +239,30 @@
    "root": {
      "inputs": {
        "agenix": "agenix",
+        "colmena": "colmena",
        "disko": "disko",
        "dotfiles": "dotfiles",
        "home-manager": "home-manager_2",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": "nixpkgs_3",
        "nixpkgs-stable": "nixpkgs-stable"
      }
    },
+    "stable": {
+      "locked": {
+        "lastModified": 1724316499,
+        "narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-24.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
--- a/flake.nix
+++ b/flake.nix
@ -18,6 +18,8 @@
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.05";

+    colmena.url = "github:zhaofengli/colmena";
+
    agenix.url = "github:ryantm/agenix";

    disko = {
@ -36,6 +38,7 @@
    agenix,
    home-manager,
    nixpkgs,
+    nixpkgs-stable,
    ...
  } @ inputs: let
    inherit (self) outputs;
@ -69,5 +72,25 @@
        modules = [./home/m3tam3re/m3tam3re.nix];
      };
    };
+    colmena = {
+      meta = {
+        nixpkgs = import nixpkgs {
+          system = "x86_64-linux";
+        };
+        specialArgs = {inherit inputs outputs;};
+      };
+      m3-kratos-vm = {
+        deployment = {
+          targetHost = "m3-kratos-vm";
+          targetUser = "m3tam3re";
+          tags = ["vm"];
+        };
+        imports = [
+          ./hosts/m3-kratos
+          inputs.disko.nixosModules.disko
+          agenix.nixosModules.default
+        ];
+      };
+    };
  };
 }
--- a/hosts/m3-kratos/configuration.nix
+++ b/hosts/m3-kratos/configuration.nix
@ -89,6 +89,11 @@
  networking.nat.enable = true;
  networking.nat.internalInterfaces = ["ve-+"];
  networking.nat.externalInterface = "enp1s0";
+
+  #security.sudo.wheelNeedsPassword = false;
+
+  security.sudo.extraConfig = "m3tam3re ALL=(ALL) NOPASSWD: ALL";
+
  # networking.firewall.enable = false;
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
--- a/hosts/m3-kratos/default.nix
+++ b/hosts/m3-kratos/default.nix
@ -39,6 +39,5 @@
    ./secrets.nix
    ./services
  ];
-
  extraServices.podman.enable = true;
 }